Published: 20/04/2006 Updated: 30/10/2018

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

The Linux kernel prior to 2.6.16.9 and the FreeBSD kernel, when running on AMD64 and other 7th and 8th generation AuthenticAMD processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one process to determine portions of the state of floating point instructions of other processes, which can be leveraged to obtain sensitive information such as cryptographic keys. NOTE: this is the documented behavior of AMD64 processors, but it is inconsistent with Intel processors in a security-relevant fashion that was not addressed by the kernels.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel 2.6.0
linux linux kernel 2.6.10
linux linux kernel 2.6.11.2
linux linux kernel 2.6.11.3
linux linux kernel 2.6.11
linux linux kernel 2.6.12.5
linux linux kernel 2.6.12.6
linux linux kernel 2.6.13
linux linux kernel 2.6.13.1
linux linux kernel 2.6.14.5
linux linux kernel 2.6.14.6
linux linux kernel 2.6.15
linux linux kernel 2.6.15.1
linux linux kernel 2.6.16.3
linux linux kernel 2.6.16.4
linux linux kernel 2.6.16_rc7
linux linux kernel 2.6.2
linux linux kernel 2.6.3
linux linux kernel 2.6.4
linux linux kernel 2.6.5
linux linux kernel 2.6.6
linux linux kernel 2.6.7
linux linux kernel 2.6.8
linux linux kernel 2.6.9
linux linux kernel 2.6.16.7
linux linux kernel
linux linux kernel 2.6.1
linux linux kernel 2.6.11.11
linux linux kernel 2.6.11.12
linux linux kernel 2.6.11.8
linux linux kernel 2.6.11.9
linux linux kernel 2.6.12.3
linux linux kernel 2.6.12.4
linux linux kernel 2.6.12
linux linux kernel 2.6.14.3
linux linux kernel 2.6.14.4
linux linux kernel 2.6.14
linux linux kernel 2.6.15.7
linux linux kernel 2.6.16.1
linux linux kernel 2.6.16.2
linux linux kernel 2.6.16
linux linux kernel 2.6.11.4
linux linux kernel 2.6.11.5
linux linux kernel 2.6.13.2
linux linux kernel 2.6.13.3
linux linux kernel 2.6.14.7
linux linux kernel 2.6.15.2
linux linux kernel 2.6.15.3
linux linux kernel 2.6.15.4
linux linux kernel 2.6_test9_cvs
linux linux kernel 2.6.16.5
linux linux kernel 2.6.16.6
linux linux kernel 2.6.11.1
linux linux kernel 2.6.11.10
linux linux kernel 2.6.11.6
linux linux kernel 2.6.11.7
linux linux kernel 2.6.12.1
linux linux kernel 2.6.12.2
linux linux kernel 2.6.13.4
linux linux kernel 2.6.14.1
linux linux kernel 2.6.14.2
linux linux kernel 2.6.15.5
linux linux kernel 2.6.15.6
freebsd freebsd

An integer overflow was discovered in the do_replace() function A local user process with the CAP_NET_ADMIN capability could exploit this to execute arbitrary commands with full root privileges However, none of Ubuntu’s supported packages use this capability with any non-root user, so this only affects you if you use some third party software l ...

Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2005-3359 Franz Filz discovered that some socket calls permit causing inconsistent reference count ...

CWE-310 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:14.fpu.asc http://security.freebsd.org/advisories/FreeBSD-SA-06:14-amd.txt http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.9 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=187910 http://secunia.com/advisories/19724 http://secunia.com/advisories/19715 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=187911 http://www.securityfocus.com/bid/17600 http://www.osvdb.org/24807 http://securitytracker.com/id?1015966 http://www.debian.org/security/2006/dsa-1097 http://secunia.com/advisories/20671 http://www.novell.com/linux/security/advisories/2006-05-31.html http://www.ubuntu.com/usn/usn-302-1 http://secunia.com/advisories/20716 http://www.debian.org/security/2006/dsa-1103 http://secunia.com/advisories/20914 http://www.redhat.com/support/errata/RHSA-2006-0579.html http://secunia.com/advisories/21035 http://www.redhat.com/support/errata/RHSA-2006-0437.html http://secunia.com/advisories/21136 http://www.redhat.com/support/errata/RHSA-2006-0575.html http://secunia.com/advisories/21465 http://secunia.com/advisories/20398 http://support.avaya.com/elmodocs2/security/ASA-2006-180.htm http://secunia.com/advisories/21983 http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm http://secunia.com/advisories/22417 http://kb.vmware.com/kb/2533126 http://www.vmware.com/download/esx/esx-213-200610-patch.html http://www.vmware.com/download/esx/esx-254-200610-patch.html http://secunia.com/advisories/22875 http://secunia.com/advisories/22876 http://lwn.net/Alerts/180820/http://www.osvdb.org/24746 http://secunia.com/advisories/19735 http://www.vupen.com/english/advisories/2006/1426 http://www.vupen.com/english/advisories/2006/4353 http://www.vupen.com/english/advisories/2006/4502 http://www.vupen.com/english/advisories/2006/1475 http://www.vupen.com/english/advisories/2006/2554 http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html http://marc.info/?l=linux-kernel&m=114548768214478&w=2 http://www.securityfocus.com/archive/1/431341 https://exchange.xforce.ibmcloud.com/vulnerabilities/25871 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9995 http://www.securityfocus.com/archive/1/451421/100/0/threaded http://www.securityfocus.com/archive/1/451419/100/200/threaded http://www.securityfocus.com/archive/1/451417/100/200/threaded http://www.securityfocus.com/archive/1/451404/100/0/threaded https://usn.ubuntu.com/302-1/https://nvd.nist.gov

CVE-2006-1056

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect